Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/17b57109-c3f8-4f4e-a1e4-f1969fd9dff5.roa
File: 17b57109-c3f8-4f4e-a1e4-f1969fd9dff5.roa (raw, json)
Hash identifier: Cq6K8O3GKdlJm8jqtVqi55tOq4DKnV2FXrYx0BrpIuI=
Subject key identifier: F5:D2:CD:30:BB:F7:6F:3A:68:1F:BC:3A:FC:17:1F:C8:40:F6:3C:EC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2F663F7E442E2FCC85B7DDB095FA920388E9A017
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/17b57109-c3f8-4f4e-a1e4-f1969fd9dff5.roa
Signing time: Mon 01 Apr 2024 00:00:00 +0000
ROA not before: Mon 01 Apr 2024 00:00:00 +0000
ROA not after: Mon 06 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.202.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Apr 2024 18:57:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:66:3f:7e:44:2e:2f:cc:85:b7:dd:b0:95:fa:92:03:88:e9:a0:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 1 00:00:00 2024 GMT
Not After : May 6 23:59:59 2024 GMT
Subject: serialNumber=eb0ed42ddd609eecc66cc7178d35fd8127fec1c4a558dc2c1780651d63f0b7c5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d2:dd:2f:40:b8:a4:cf:b3:06:5e:03:4d:f0:
5a:76:cd:91:09:1f:93:ef:65:ca:d2:c2:cf:91:f3:
cb:da:6a:c8:c0:f3:44:7b:c6:5b:e7:fc:b7:06:f2:
fd:f6:f9:8c:ba:36:73:5c:99:28:d3:e4:34:ce:99:
85:ae:1d:52:4c:ec:39:a3:6a:12:57:8b:ba:3e:44:
82:fc:d5:4f:5f:a2:a1:fe:c2:4d:14:5f:6f:bb:9c:
74:67:12:0d:a9:0f:78:84:f4:2a:cf:df:94:c8:94:
25:96:e6:3a:db:02:88:98:39:e8:e7:97:5e:a2:82:
65:dc:cb:72:ed:54:1a:9d:fd:7d:80:22:6b:bf:83:
4b:c9:fe:4f:9d:e2:8c:26:67:b0:25:d2:2b:4f:f7:
e2:69:bb:5c:28:e9:06:5b:1a:db:e4:1f:dc:cc:99:
50:49:96:0b:10:4c:22:e0:db:b0:4c:19:8d:04:3d:
67:db:07:81:4a:d6:dc:3d:a9:1c:9a:9f:aa:e8:fa:
c5:85:60:5d:f7:d7:9a:42:82:4f:ce:93:b2:78:75:
08:84:07:35:27:b1:55:63:b5:ac:51:d0:43:23:98:
b0:d9:60:80:c9:e2:85:79:e6:9e:87:38:19:0e:40:
74:b8:55:42:b6:ad:1b:aa:7a:0b:e6:c0:23:62:c8:
aa:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:D2:CD:30:BB:F7:6F:3A:68:1F:BC:3A:FC:17:1F:C8:40:F6:3C:EC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/17b57109-c3f8-4f4e-a1e4-f1969fd9dff5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.202.0.0/15
Signature Algorithm: sha256WithRSAEncryption
16:4a:e9:08:23:93:30:b9:c2:ac:e1:7a:ce:42:ff:d0:af:4c:
4a:eb:64:03:17:e9:49:05:94:42:f1:e5:37:42:bd:26:e3:a1:
c1:a0:b1:5e:8c:50:35:18:58:d6:4d:4a:a3:2d:55:19:e8:9f:
37:61:cc:64:cb:02:13:63:2b:ea:6e:60:f3:e7:4f:51:b6:61:
ad:d9:c4:22:b2:f9:d2:03:9a:6e:fd:24:ed:ad:eb:ad:fa:54:
b8:56:00:f8:b3:db:1d:2b:8c:89:6f:45:de:65:cc:0f:76:c3:
c3:37:40:c2:8a:80:38:7a:48:e8:38:40:dc:2e:17:91:44:ff:
2b:e0:dd:2b:4f:69:c4:36:a8:bb:a2:e8:ea:34:49:7c:63:1c:
9e:b2:b8:9d:56:9d:fa:70:8a:0c:a4:f8:07:16:5d:6e:de:8f:
27:69:28:bb:d5:d7:d3:d7:b4:b4:94:eb:75:72:bb:7b:45:fd:
f6:47:3d:7f:f5:4f:df:b7:0f:cf:82:8c:06:bc:e1:ca:86:b5:
67:49:7e:c6:42:f8:3a:5c:43:c2:24:6e:17:fb:06:ff:ca:45:
bc:32:4a:58:ed:f5:1a:fa:98:3c:3d:d4:c5:58:fb:6d:57:9d:
67:d1:53:29:21:db:37:80:01:5a:11:c4:b2:e5:0d:f9:1b:16:
52:f3:4f:3a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUL2Y/fkQuL8yFt92wlfqSA4jpoBcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDA0MDEwMDAwMDBaFw0yNDA1MDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGViMGVkNDJkZGQ2MDllZWNjNjZjYzcxNzhkMzVmZDgxMjdmZWMxYzRhNTU4
ZGMyYzE3ODA2NTFkNjNmMGI3YzUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ7S3S9AuKTPswZeA03wWnbNkQkfk+9lytLCz5Hzy9pqyMDzRHvGW+f8twby
/fb5jLo2c1yZKNPkNM6Zha4dUkzsOaNqEleLuj5EgvzVT1+iof7CTRRfb7ucdGcS
DakPeIT0Ks/flMiUJZbmOtsCiJg56OeXXqKCZdzLcu1UGp39fYAia7+DS8n+T53i
jCZnsCXSK0/34mm7XCjpBlsa2+Qf3MyZUEmWCxBMIuDbsEwZjQQ9Z9sHgUrW3D2p
HJqfquj6xYVgXffXmkKCT86Tsnh1CIQHNSexVWO1rFHQQyOYsNlggMnihXnmnoc4
GQ5AdLhVQratG6p6C+bAI2LIqqcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT10s0w
u/dvOmgfvDr8Fx/IQPY87DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTdiNTcxMDktYzNmOC00ZjRlLWExZTQtZjE5NjlmZDlkZmY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPKMA0G
CSqGSIb3DQEBCwUAA4IBAQAWSukII5MwucKs4XrOQv/Qr0xK62QDF+lJBZRC8eU3
Qr0m46HBoLFejFA1GFjWTUqjLVUZ6J83YcxkywITYyvqbmDz509RtmGt2cQisvnS
A5pu/STtreut+lS4VgD4s9sdK4yJb0XeZcwPdsPDN0DCioA4ekjoOEDcLheRRP8r
4N0rT2nENqi7oujqNEl8YxyesridVp36cIoMpPgHFl1u3o8naSi71dfT17S0lOt1
crt7Rf32Rz1/9U/ftw/PgowGvOHKhrVnSX7GQvg6XEPCJG4X+wb/ykW8MkpY7fUa
+pg8PdTFWPttV51n0VMpIds3gAFaEcSy5Q35GxZS8086
-----END CERTIFICATE-----
Generated at Fri Apr 19 00:32:18 2024 by rpki-client on console-fra.rpki-client.org